Introduction

Context

A custom FTP service is running on port 12012 of the target, and we have to find a way to bypass its authentication mechanism.

The binary is an ELF 64-bit executable. A quick static analysis shows that, to authenticate a user, the FTP service compares the username with the string "blankwall" and computes a 32-bit hash of the submitted password; this hash must equal the value 0xD386D209 for access to the FTP commands to be granted.

Hash function

Understanding the function responsible for the hash generation is quite simple; here is what its disassembly looks like.

Generating a valid password

Basically, what we need to do now is find a string for which the hash function produces the value 0xD386D209. To do so we used Z3, the theorem prover from Microsoft Research; it is an excellent tool for attacking key generation algorithms.

First we have to transcribe the hash algorithm to Python. Note that although this is a 64-bit binary, the hash function's arithmetic fits entirely in 32-bit registers, so the transcription can work on 32-bit values.

We decided to constrain the solution to an alphanumeric string of 10 characters; in a very short amount of time, valid passwords satisfying our conditions appear in the terminal.

Getting the flag

Now getting the flag is trivial: a simple netcat command would do the job, but it is more explicit in Python. The script sends the username, the password and the RDF command, which orders the server to read the file containing the flag.

Conclusion

Automated theorem proving can be very handy for reverse engineering. Mixing satisfiability modulo theories with symbolic execution is a growing trend; have a look at KLEE, a symbolic virtual machine built on top of the LLVM compiler infrastructure.

Unfortunately, this year we did not spend much time participating in the CSAW CTF due to other commitments during the event. But we could not completely ignore it, so we tried a few challenges in our free time.